<?php
require_once("../includes/public.inc.php");
require_once ("../mobile/shop.php");
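session_start();
// Order actions for the logged-in shopper, selected by ?act=:
//   create  - insert a new order from the POSTed form and spend account credit
//   gopay   - mark an order as paid when nothing remains to pay
//   comfirm - confirm receipt
//   cancle  - cancel an order and refund the credit spent on it
$userinfo = isset($_SESSION['userinfo']) ? $_SESSION['userinfo'] : '';
if (empty($userinfo))
{
	echo "<script>alert('非法进入，请检查提交的数据是否正确!!');</script>";exit;
}

// Everything in $_GET/$_POST is untrusted. Ids are cast to int before they reach SQL or
// inline <script> output, and text fields are escaped with mysql_real_escape_string()
// (assumes the includes above already opened the connection, as the mysql_query() calls do).
// NOTE(review): ext/mysql has no prepared statements and is gone in PHP 7; moving to
// PDO/mysqli with bound parameters is the durable fix.
// NOTE(review): gopay/comfirm/cancle change state on plain GET requests and no anti-CSRF
// token is checked in this file; confirm whether one is enforced elsewhere.
$act = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';
$uid = (int)$userinfo['id'];
$openid = isset($userinfo['openid']) ? mysql_real_escape_string((string)$userinfo['openid']) : '';
$order_id = (isset($_GET['orderid']) && is_scalar($_GET['orderid'])) ? (int)$_GET['orderid'] : 0;
// Every lookup/update on buylog is scoped to the session user, so an order id belonging
// to another account matches no rows.
$own_order = ' where id ='.$order_id.' and users_id='.$uid;

if ($act === 'create' && !empty($_POST))
{
	// Free-text form fields: force to string (array-valued parameters become '') and escape.
	$text = array();
	foreach (array('color', 'size', 'pro_id', 'name', 'phone', 'province', 'city', 'address', 'note') as $field)
	{
		$raw = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string)$_POST[$field] : '';
		$text[$field] = mysql_real_escape_string($field === 'note' ? trim($raw) : $raw);
	}

	$quantity = (isset($_POST['quantity']) && is_numeric($_POST['quantity'])) ? (int)$_POST['quantity'] : 0;
	// NOTE(review): the unit price is still taken from the client. It should come from the
	// server-side product record; the fields getProductDetail() returns besides 'name' are
	// not visible here, so this only rejects values that cannot be a price at all.
	$price = (isset($_POST['price']) && is_numeric($_POST['price'])) ? (float)$_POST['price'] : -1;
	$amount = $price * $quantity;
	$valid = ($quantity >= 1 && $price >= 0 && is_finite($amount));

	// NOTE(review): getProductDetail() is defined elsewhere and receives the raw id, as
	// before; confirm it escapes or casts its argument.
	$pro = false;
	if ($valid && isset($_POST['pro_id']) && is_scalar($_POST['pro_id']))
	{
		$pro = getProductDetail($_POST['pro_id']);
	}
	$ordernumber = empty($pro) ? '' : createnum();

	if (empty($pro) || empty($ordernumber))
	{
		// Non-positive quantity, negative price, unknown product or no order number:
		// refuse rather than store an order with a zero or negative total.
		echo '<a href="javascript:history.go(-1)">出现错误，返回</a>';
	}
	else
	{
		// Read the balance from the users table instead of the session copy, which is
		// not refreshed by this script after credit has been spent.
		$credit_res = mysql_query('select credit from '.DBQIAN.'users where id ='.$uid);
		$credit_row = $credit_res ? mysql_fetch_array($credit_res) : false;
		$credit = $credit_row ? max(0, (float)$credit_row['credit']) : 0;
		$yh_price = min($credit, $amount); // credit applied to this order, never more than the total
		$should_pay = $amount - $yh_price;

		// Column order must match the INSERT column list below.
		$values = array(
			mysql_real_escape_string((string)$ordernumber),
			$uid,
			$openid,
			$text['pro_id'],
			mysql_real_escape_string((string)$pro['name']),
			$amount,
			$price,
			$yh_price,
			$should_pay,
			$quantity,
			$text['name'],
			$text['phone'],
			$text['province'],
			$text['city'],
			$text['address'],
			0, // paystatus: unpaid
			$text['size'],
			$text['color'],
			date("Y-m-d H:i:s"),
			1, // status: newly created
			$text['note'],
		);
		$sql = 'INSERT INTO `'.DBQIAN.'buylog` (`id`, `ordernumber`, `users_id`, `openid`,`product_id`,`product_name`,`amount`, `price`,`yh_price`,`should_pay`, `quantity`,`name`,`tel`, `province`,`city`,`address`, `paystatus`,`size`, `color`,`create_time`, `status`,`note`)
			values(null,\''.implode('\',\'', $values).'\')';
		$result1 = mysql_query($sql);
		if ($result1)
		{
			// NOTE(review): the insert and the credit deduction are separate statements, not
			// a transaction; two concurrent orders can still spend the same balance.
			$result2 = mysql_query('update '.DBQIAN.'users set credit=credit-'.$yh_price.' where id ='.$uid);
			if ($result2)
			{
				$order = mysql_query('select id from '.DBQIAN.'buylog where ordernumber=\''.$values[0].'\' and users_id='.$uid);
				$row = $order ? mysql_fetch_array($order) : false;
				if ($row)
				{
					echo '<script>location.href=\'gopay.php?id='.(int)$row['id'].'\'</script>';
				}
			}
		}
		else
		{
			echo '<a href="javascript:history.go(-1)">出现错误，返回</a>';
		}
	}
}
elseif ($act === 'gopay')
{
	$res = mysql_query('select should_pay from '.DBQIAN.'buylog'.$own_order);
	$order = $res ? mysql_fetch_array($res) : false;
	if ($order)
	{
		if ((float)$order['should_pay'] == 0)
		{
			// status 7 is what the cancel action sets; a cancelled (refunded) order must
			// not be flipped back to paid.
			$result = mysql_query('update '.DBQIAN.'buylog set status=5,paystatus=1,paytime=\''.date("Y-m-d H:i:s").'\''.$own_order.' and status<>7');
			if ($result)
			{
				echo '<script>location.href=\'orderdetail.php?id='.$order_id.'\'</script>';
			}
		}
		else // WeChat Pay: not implemented in this file
		{

		}
	}
}
elseif ($act === 'comfirm') // confirm receipt
{
	// NOTE(review): only cancelled orders are excluded here; whether an unpaid order may
	// be confirmed is a business rule this file does not show.
	$result1 = mysql_query('update '.DBQIAN.'buylog set status=6'.$own_order.' and status<>7');
	if ($result1)
	{
		echo '<script>alert(\'确认收货成功\');location.href=\'orderdetail.php?id='.$order_id.'\'</script>';
	}
}
elseif ($act === 'cancle')
{
	$res = mysql_query('select yh_price from '.DBQIAN.'buylog'.$own_order);
	$credit = $res ? mysql_fetch_array($res) : false;
	if ($credit)
	{
		$result1 = mysql_query('update '.DBQIAN.'buylog set status=7'.$own_order.' and status<>7');
		// Refund only when this request actually moved the order to "cancelled", so a
		// repeated request cannot return the same credit twice.
		// NOTE(review): which earlier states are cancellable is not visible here — confirm.
		if ($result1 && mysql_affected_rows() == 1)
		{
			// Keyed on the user id, like the deduction in create, so an empty or shared
			// openid value cannot widen the refund to other rows.
			$result2 = mysql_query('update '.DBQIAN.'users set credit=credit+'.max(0, (float)$credit['yh_price']).' where id ='.$uid);
			if ($result2)
			{
				echo '<script>alert(\'取消订单成功\');location.href=\'productlist.php\'</script>';
			}
		}
	}
}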

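/**
 * Generate an order number that is not yet present in the buylog table.
 *
 * The number is the current timestamp (YmdHis) followed by four random digits.
 * It is an identifier, not a secret: rand() is predictable, so access to an
 * order must never depend on the number being hard to guess.
 *
 * @return string 18-digit order number
 */
function createnum()
{
	// Loop instead of recursing: the old recursive retry dropped its result, so a
	// collision made the function return null and the caller stored an empty number.
	do
	{
		$dingdanhao = date("YmdHis").rand(1000,9999);
		// Compared as a quoted string: an unquoted 18-digit literal can be compared
		// numerically with loss of precision (presumably the column is a string type —
		// confirm). The value is digits only, so quoting needs no escaping.
		$num = mysql_query('select ordernumber from '.DBQIAN.'buylog where ordernumber =\''.$dingdanhao.'\'');
		$order = $num ? mysql_fetch_array($num) : false;
	} while ($order);

	return $dingdanhao;
}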
